technical spec for the workstation up for review

Bastien Nocera bnocera at redhat.com
Wed Feb 19 14:36:01 UTC 2014



----- Original Message -----
> On Wed, 2014-02-19 at 08:47 -0500, Bastien Nocera wrote:
> > I think we should reconsider not having a firewall by default, and
> > providing firewalld
> > and a UI for it as an external installable system software. That
> > reflects on its current
> > level of integration in the desktop.
> 
> This would be quite a shame, but I think it is reasonable to specify
> that a firewall in its default configuration may not interfere with the
> normal operation of programs installed by default (Nautilus, Totem,
> anything in the Sharing System Settings panel, ...).

Be my guest. I doubt you'll be able to make it work when shares such as DAAP,
UPnP and number of others use random high ports that are blocked by the firewall
by default. Which means that each application needs to poke a hole in the firewall,
which means that it needs to use the Fedora specific and hard-to-use API[1] to do so.

This needs redesigning from the ground up, with the users and application developers as
the point of focus.

[1]: See firewalld.dbus


More information about the desktop mailing list